Do not use proxy on android 9 pie

Question

I just upgraded my Samsung Note 8 phone to Android OS 9.0 When I go to advanced wifi settings, I choose to use Proxy mode manually. Host: 192.168.1.8 Port: 8888 On the computer I turned on the Fiddler software to catch the packets. However, I could not catch any packets coming out from the phone. Before that I was using Android OS 8.0. I can still capture the packet using Fiddler Does Google have better security on Android 9.0

Answer 1

Not sure about your exact set up. I can recommend the following set up which generally works for me on all Android versions (including Android 9 / Pie). Note: this is app specific!

1. Download and run mitmproxy (https://mitmproxy.org/)
2. Set up the proxy for the device from the Wifi settings (probably like you did)
3. Open browser on device and go to: http://mitm.it
4. Download and install certificate
5. Add the following to your app's AndroidManifest.xml: <application android:networkSecurityConfig="@xml/network_security_config" ... > ... </application>
6. Add to your XML resource folder a file named network_security_config.xml and put the following contents:

<!-- SECURITY RISK -  This app's network data can now be intercepted!!! -->
<network-security-config>
    <base-config>
        <trust-anchors>
            <!-- Trust preinstalled CAs -->
            <certificates src="system" />
            <!-- Additionally trust user added CAs -->
            <certificates src="user" />
        </trust-anchors>
    </base-config>
</network-security-config>

7. Rebuild and launch app, and now you should see the requests go through you mitmproxy (web or console interface)

NOTE: if you want to achieve the same for an already compiled app, you can still follow same logic and steps (use apktool for decompile and re-assemble), unless the developer pinned the certificate via code checks (also can be bypassed by hooking engines like https://www.frida.re). Still possible to circumvent, but outside of this question scope :)

glhfdd